Openbsd /
OpenBSD 7.5 Install Guide
This is a quick install guide for OpenBSD 7.5.
Before You Begin
NOTE: This guide is no substitute for reading the OpenBSD FAQ. In particular, you should read the Installation Guide and the release notes for 7.5.
Booting from ISO
- First, you'll want to boot up from the install ISO. Make sure you verify the ISO before you install. Please consult the BuyVM, OpenBSD VMM, or the bsd.rd install guides.
CD-ROM: E0 Loading /7.5/AMD64/CDBOOT probing: pc0 com0 mem[638K 2046M a20=on] disk: hd0+* cd0 >> OpenBSD/amd64 CDBOOT 3.65 boot>
- At bootup, type
boot
, then press enter. Or wait a few seconds to boot automatically.cannot open cd0a:/etc/random.seed: No such file or directory booting cd0a:/7.5/amd64/bsd.rd: 4076463+1688576+3891240+0+708608 [109+464016+317541]=0xaa40e8 ... root on rd0a swap on rd0b dump on rd0b WARNING: CHECK AND RESET THE DATE! erase ^?, werase ^W, kill ^U, intr ^C, status ^T
Installation
Welcome to the OpenBSD/amd64 7.5 installation program. (I)nstall, (U)pgrade, (A)utoinstall or (S)hell?
- Type
i
for install - NOTE: At any time during the installation, if you make a mistake, you can type
ctrl+c
to cancel the install process. Then, pressctrl+d
to bring back the installation options.At any prompt except password prompts you can escape to a shell by typing '!'. Default answers are shown in []'s and are selected by pressing RETURN. You can exit this program at any time by pressing Control-C, but this can leave your system in an inconsistent state. Terminal type? [vt220]
- If you're using OpenBSD's VMM, press enter to use the default terminal type (vt220).
System hostname? (short form, e.g. 'foo') subdomain
- Type in your system hostname. It is usually a single word. For example, if your full domain name is
subdomain.example.com
, type insubdomain
.
Configuring Networking
Available network interfaces are: vio0 vlan0. Which network interface do you wish to configure? (or 'done') [vio0]
- If you're installing for a virtual machine, you are likely using vio0 for your network interface (short for VirtIO). If you are using some other interface (like em0), you may want to change the networking device to VirtIO.
IPv4 address for vio0? (or 'autoconf' or 'none') [autoconf] 192.0.2.2 Netmask for vio0? [255.255.255.0] IPv6 address for vio0? (or 'autoconf' or 'none') [none] 2001:db8:abcd::1 IPv6 prefix length for vio0? [64] 48 Available network interfaces are: vio0 vlan0. Which network interface do you wish to configure? (or 'done') [done] Default IPv4 route? (IPv4 address or none) 192.0.2.1 add net default: gateway 192.0.2.1 1) none IPv6 default router? (list #, IPv6 address or 'none') 2001:db8::1 add net default: gateway 2001:db8::1
- For server hosting, it's recommended that you statically assign the IPv4 address rather than relying on autoconf, which uses DHCP?.
- Your IPv4 and IPv6 addresses, netmask, prefix length, and default gateway should be in your registration email or your provider's web panel. Type in your IPv4 and IPv6 addresses here.
- autoconf (using DHCP) is not recommended. Unlike with static networking, DHCP allocates IP addresses dynamically. Sometimes, routers can can change your address during a reboot, causing your DNS records to be invalid, and your users unable to connect.
- If you chose autoconf by accident, it can be fixed later. You can either type ctrl+c to cancel installation, then ctrl+d to restart installation, or you can finish installation, then follow the static networking guide.
- Your IPv6 prefix length may not be the same as your subnet length. Please double check both carefully.
DNS domain name? (e.g. 'example.com') [my.domain] example.com DNS nameservers? (IP address list or 'none') [none] 8.8.8.8
- The DNS domain name will be the rest of your fully qualified domain name once you skip the subdomain. If your full hostname is
subdomain.example.com
, it would beexample.com
. - Common DNS nameservers include 8.8.8.8 from Google, 1.1.1.1 from Cloudflare, and 9.9.9.9 from Quad9. IRCNow provides 38.87.162.1 as a DNS server.
- Eventually, we recommend setting up your own unbound caching name server for independence. If using unbound, you would use 127.0.0.1 as your nameserver.
- NOTE: If you use 127.0.0.1, you will not be able to download packages for installation without using the trick described below.
User Management
Password for root account? (will not echo) Password for root account? (again)
- Type in your root password twice. Note that your password will NOT be printed on the screen. It is invisible to improve security.
Start sshd(8) by default? [yes] Change the default console to com0? [yes] Available speeds are: 9600 19200 38400 57600 115200. Which speed should com0 use? (or 'done') [115200]
- You will need to start sshd by default to remotely administer the system. For the other settings, accept the default.
Setup a user? (enter a lower-case loginname, or 'no') [no] username Full name for user username? [username] Password for user username? (will not echo) Password for user username? (again) WARNING: root is targeted by password guessing attacks, pubkeys are safer. Allow root ssh login? (yes, no, prohibit-password) [no]
- Create a username so you can avoid logging in as root. Don't allow root ssh login; disabling it will help improve security.
What timezone are you in? ('?' for list) [US/Central]
- Select the timezone (make it match your physical location). Type ? to list all possible timezones.
Partitioning Disks
Available disks are: sd0. Which disk is the root disk? ('?' for details) [sd0]
- Press
?
to see information about available disks. - Select the correct disk. WARNING: Selecting the wrong disk may erase data forever!
Encrypt the root disk with a passphrase? [no]
- OpenBSD offers full disk encryption. Because it is simpler and faster without encryption, this guide chooses to skip full disk encryption.
No valid MBR or GPT. Use (W)hole disk MBR, whole disk (G)PT or (E)dit? [whole]
- You are encouraged to read up on fdisk and disklabel. If this is a fresh install and you have no important data on the disk, accept the default (W)hole Disk.
Setting OpenBSD MBR partition to whole sd0...done. The auto-allocated layout for sd0 is: # size offset fstype [fsize bsize cpg] a: 624.9M 64 4.2BSD 2048 16384 1 # / b: 1029.8M 1279840 swap c: 20480.0M 0 unused d: 879.8M 3388864 4.2BSD 2048 16384 1 # /tmp e: 1314.7M 5190752 4.2BSD 2048 16384 1 # /var f: 2449.8M 7883296 4.2BSD 2048 16384 1 # /usr g: 668.9M 12900448 4.2BSD 2048 16384 1 # /usr/X11R6 h: 2448.7M 14270432 4.2BSD 2048 16384 1 # /usr/local i: 1690.0M 19285344 4.2BSD 2048 16384 1 # /usr/src j: 5499.9M 22746368 4.2BSD 2048 16384 1 # /usr/obj k: 3873.5M 34010176 4.2BSD 2048 16384 1 # /home Use (A)uto layout, (E)dit auto layout, or create (C)ustom layout? [a]
- Unless you have a specific layout in mind, type enter to use (A)uto layout. If you have special needs, consult the disklabel guide.
newfs: reduced number of fragments per cylinder group from 79984 to 79352 to enlarge last cylinder group /dev/rsd0a: 624.9MB in 1279776 sectors of 512 bytes 5 cylinder groups of 154.98MB, 9919 blocks, 19840 inodes each /dev/rsd0k: 3873.5MB in 7932864 sectors of 512 bytes ... /dev/sd0i (1b7ff2bba74aebde.i) on /mnt/usr/src type ffs (rw, asynchronous, local, nodev, nosuid) /dev/sd0e (1b7ff2bba74aebde.e) on /mnt/var type ffs (rw, asynchronous, local, nodev, nosuid)
Installing Base Sets
Let's install the sets! Location of sets? (cd0 disk http nfs or 'done') [cd0]
Using CD ISO
- To use a CD ISO, type
cd0
. To use a flash drive, typedisk
. To download from the internet, typehttp
. - If you choose to use
cd0
:
Location of sets? (cd0 disk http nfs or 'done') [cd0] Pathname to the sets? (or 'done') [7.5/amd64] Select sets by entering a set name, a file name pattern or 'all'. De-select sets by prepending a '-', e.g.: '-game*'. Selected sets are labelled '[X]'. [X] bsd [X] comp75.tgz [X] xbase75.tgz [X] xserv75.tgz [X] bsd.rd [X] man75.tgz [X] xshare75.tgz [X] base75.tgz [X] game75.tgz [X] xfont75.tgz Set name(s)? (or 'abort' or 'done') [done] Directory does not contain SHA256.sig. Continue without verification? [no] yes
- If using the default ISO, the default pathname will be
7.5/amd64
. You may need to replaceamd64
with your specific architecture. - If you're using CD, please verify the ISO before you install. Once you have done this, you can then install without verification. If you are using
HTTP
, you must verify the sets to be safe. Do not use unverified sets overHTTP
.
# OpenBSD has base sets?, which are default software that is included with the installation image. Base software is audited and maintained by the OpenBSD team. - In the OpenBSD FAQ:
New users are recommended to install all of them.Some libraries from xbase75.tgz, like freetype or fontconfig, can be used outside of X by programs that manipulate text or graphics. Such programs will usually need fonts, either from xfont75.tgz or font packages. For the sake of simplicity, the developers decided against maintaining a minimal xbase75.tgz set that would allow most non-X ports to run.If you chose to skip some file sets at install time, you might realize later that you really do need them after all. Simply boot bsd.rd from your root file system and choose (U)pgrade. When you get to the list of file sets, select the ones you need.
- The X sets are often needed even if you don't run X. If you skip it now, you may later need to reboot the server and run bsd.rd to upgrade the installation. This would require downtime. The X packages are only a few hundred megabytes and present minimal security risk so long as X is disabled.
Using HTTP
- If you choose to use
http
:
Location of sets? (cd0 disk http nfs or 'done') [cd0] http HTTP proxy URL? (e.g. 'http://proxy:8080', or 'none') [none] HTTP Server? (hostname, list#, 'done' or '?') ? HTTP Server? (hostname, list#, 'done' or '?') [mirror.esc7.net] Server directory? [pub/OpenBSD/7.5/amd64] Select sets by entering a set name, a file name pattern or 'all'. De-select sets by prepending a '-', e.g.: '-game*'. Selected sets are labelled '[X]'. [X] bsd [X] comp75.tgz [X] xbase75.tgz [X] xserv75.tgz [X] bsd.rd [X] man75.tgz [X] xshare75.tgz [X] base75.tgz [X] game75.tgz [X] xfont75.tgz Set name(s)? (or 'abort' or 'done') [done]
- Unless you have specifically configured an HTTP proxy, you can leave the setting as
none
. - For
HTTP Server
, type?
to see a list of possible servers. Here, we selectmirror.esc7.net
because it is closest to where our server is located. - The Server directory should be left at its default
pub/OpenBSD/7.5/amd64
. You may need to replaceamd64
with your specific architecture. - NOTE: If you choose
http
, it will need proper networking (including DNS). At times, DNS may not be properly configured, such as if you are using unbound. There is a way to bypass normal DNS resolution: instead of using a hostname likeexample.com
, use an IPv4 address like192.0.2.1
.
# Select all the sets, then enterdone
.
Using Disk
- If you choose to use
disk
, typedisk
:
Location of sets? (cd0 disk http nfs or 'done') [http] disk Is the disk partition already mounted? [yes] no Available disks are: sd0 sd1. Which disk contains the install media? (or 'done') [sd0]
- Select the disk with install media.
Install and Reboot
Installing bsd 100% |**************************| 25844 KB 00:03 Installing bsd.rd 100% |**************************| 4575 KB 00:00 Installing base75.tgz 81% |********************* | 270 MB 00:19 ETA ...
- Once installation is complete, type
done
forLocation of sets
:
Location of sets? (cd0 disk http nfs or 'done') [done] Saving configuration files... done. Making all device nodes... done. fw_update: add intel; update none Relinking to create unique kernel... done. CONGRATULATIONS! Your OpenBSD install has been successfully completed! When you login to your new system the first time, please read your mail using the 'mail' command.
- Restart the VPS.
Exit to (S)hell, (H)alt or (R)eboot? [reboot]